Cavirin Systems, Inc.

DevOps Container Security

From minimal use just a few short years ago, containers, most notably Docker, have gained nearly 30% penetration. This penetration is primarily within DevOps, but it also extends to production and to environments of all sizes. Unfortunately, early adoption came with less of a focus on security. This has been rectified over the past year or so, with security solutions for images, containers, and orchestration now available. However, any container security solution must be agile enough to match the speed at which containers are created and destroyed if the chance of a breach is to be minimized. Legacy scanning architectures won’t suffice.

 


A solution should support the complete lifecycle, from image scanning, through hardening of the container itself, to securing the orchestration layer. The diagram below depicts these steps. First, the developer pulls the latest image from a selected private or public registry. This image is scanned for vulnerabilities and patched, and then the developer may work with it, later passing it back to the registry. The registry informs the staging environment, which pulls this and other secure images from the registry, and then invokes a container engine such as Docker to compile them together and create the container. Though assumed to be secure, this container must also be brought into the security process, with the underlying server, the VM, and the container itself analyzed for risk. The analysis includes the various CIS and NIST benchmarks and frameworks as well as any regulatory guidelines. Once verified, the container can be pushed into production. Finally, in parallel with this, any orchestration system, in this case Kubernetes, should be hardened.

 

Figure: Container Lifecycle - Docker Image Scanning & Kubernetes Hardening
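
As an added illustration of the pre-production check described above (not Cavirin's code and not part of the original article), the sketch below evaluates `docker inspect` output against a few runtime settings of the kind the CIS Docker Benchmark covers and blocks promotion on any failure. The check names, the pass criteria and the sample containers are assumptions made for the example.

```python
import json

# Constructed `docker inspect` output for two containers (sample data, not from the article).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web", "Config": {"User": "10001"},
   "HostConfig": {"Privileged": false, "NetworkMode": "bridge", "PidMode": "",
                  "ReadonlyRootfs": true, "Memory": 268435456, "CapAdd": null}},
  {"Name": "/legacy-batch", "Config": {"User": ""},
   "HostConfig": {"Privileged": true, "NetworkMode": "host", "PidMode": "host",
                  "ReadonlyRootfs": false, "Memory": 0, "CapAdd": ["SYS_ADMIN"]}}
]
""")


def _hc(container):
    """HostConfig section of one inspect record (empty dict if absent)."""
    return container.get("HostConfig") or {}


def _user(container):
    """User part of Config.User ("uid", "name", or "uid:gid"); empty means root."""
    return ((container.get("Config") or {}).get("User") or "").split(":")[0]


# (hypothetical check id, predicate returning True when the container passes)
CHECKS = [
    ("non-root-user", lambda c: _user(c) not in ("", "0", "root")),
    ("not-privileged", lambda c: not _hc(c).get("Privileged", False)),
    ("no-host-network", lambda c: _hc(c).get("NetworkMode") != "host"),
    ("no-host-pid", lambda c: _hc(c).get("PidMode") != "host"),
    ("readonly-rootfs", lambda c: _hc(c).get("ReadonlyRootfs") is True),
    ("memory-limit", lambda c: (_hc(c).get("Memory") or 0) > 0),
    ("no-added-caps", lambda c: not _hc(c).get("CapAdd")),
]


def evaluate(container):
    """Return the ids of the checks this container fails, in CHECKS order."""
    return [check_id for check_id, passes in CHECKS if not passes(container)]


def gate(inspect_output):
    """Return (report, ok): failed checks per container, and whether all passed."""
    report = {c["Name"].lstrip("/"): evaluate(c) for c in inspect_output}
    return report, all(not failed for failed in report.values())


if __name__ == "__main__":
    report, ok = gate(SAMPLE_INSPECT)
    for name, failed in report.items():
        print(f"{name}: {'PASS' if not failed else 'FAIL ' + ', '.join(failed)}")
    raise SystemExit(0 if ok else 1)  # non-zero exit stops the pipeline stage
```

In a staging job the same `gate` function would take the parsed output of `docker inspect` for the running containers instead of the embedded sample.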

To learn more about implementing Docker security (or Kubernetes security) in a hybrid infrastructure, visit our solutions page on securing the container lifecycle from the beginning. Cavirin has taken a leadership role in securing the container lifecycle, including co-authoring both Docker and Kubernetes Security Benchmarks from the beginning.

 

Written by David Ginsburg
Category: DevOps
© 2019 Cavirin Systems, Inc. All rights reserved.
